Your one-stop web resource providing safety and security information to manufacturers

Siemens released an update and is working on others to mitigate an improper validation in its EN100 Ethernet module, according to a report with NCCIC.

The EN100 Ethernet module for the SWT 3000 management platform is affected by security vulnerabilities that could allow an attacker to conduct a denial-of-service attack over the network. Victor Nikitin, Vladislav Suchkov, and Ilya Karpov from ScadaX discovered the vulnerabilities.

RELATED STORIES
Fuji has Fix for Alpha5 Smart Loader
Omron Updates CX-Supervisor Fix
Kunbus Updates PR100088 Modbus Gateway Fix
Siemens Fixes SIMATIC S7-1500 CPU

A communication module for SWT 3000 management platform, a firmware variant IEC 61850 for EN100 Ethernet module version prior to 4.33 suffer from the remotely exploitable vulnerability.

In the vulnerability, specially crafted packets to Port 102/TCP could cause a denial-of-service condition in the affected products. A manual restart is required to recover the EN100 module functionality of the affected devices.

Cyber Security

CVE-2018-11451 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

In addition, specially crafted packets to Port 102/TCP could cause a denial-of-service condition in the EN100 module if oscillographs are running. A manual restart is required to recover the EN100 module functionality.

CVE-2018-11452 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.9.

The product sees use mainly in the energy sector. It also sees action on a global basis.

No known public exploits specifically target these vulnerabilities. However, an attacker with low skill level could leverage the vulnerability.

Siemens released update v4.33 for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.

Siemens identified the following specific workarounds and mitigations users can apply to reduce the risk: Block access to Port 102/TCP.

For additional information see Siemens’ security advisory SSA-325546.

Pin It on Pinterest

Share This